[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: linux-wlan-ng susceptible to a 'Etherleak' attack?

Brent Miller wrote:
> Hello everyone,
> While playing around with the nessus network scanning
> program today I noticed that when I scan my wireless
> laptop (using the linux-wlan-ng drivers), nessus
> informs me that my ethernet driver is susceptible to a
> 'Etherleak' attack. This struck me as being weird as I
> remember seeing a security advisory just a little
> while ago saying to upgrade the kernel as this had
> been discovered and fixed. So just out of curiosity, I
> took out my wireless card and put in an old ethernet
> card and the warning went away.
> Since I'm not too sure how to carry out the attack,
> and I don't know if the vulnerability really exists or
> is just a false positive within nessus, can anybody
> else confirm this?
> Both the machine running nessus (2.0.7-2) and the
> laptop are running unstable and the laptop has:
>     linux-wlan-ng 0.2.0-12 w/ modules compiled against
>     kernel-source-2.4.21 2.4.21-5,
>     kernel-image 2.4.21-5-586tsc,
>     wireless card is a netgear MA401,
>     ethernet card is a linksys PCM100,
> Please include me in the cc as I'm not on the list.

Thanks for letting us know about this. I have not yet been able to try
to verify the problem, but I did look at the source of nesses, and it
uses an active probe, and not fingerprinting, and I doubt it would be a
false positive. I have also passed your message on to the author of the
linux-wlan-ng drivers, and I am Ccing this message to Debian's security

Here's some more information about the etherleak family of

see shy jo

Attachment: pgpUqQBZvLx2t.pgp
Description: PGP signature

Reply to: